Leader: Hacking law updates are overdue

Better late than never...

It's taken some time for MPs to decide how to update the UK's laws against hackers. Nevertheless, the proposals in the new Police and Justice Bill don't look too shabby.

For years the Computer Misuse Act (1990) has failed to sufficiently deter hackers from doing what they love most - controlling other people's computers. But the latest proposals, if passed, would mean that hackers could face longer jail terms and higher fines.

Parliament has obviously been slow to react to rapid changes in technology but the new law reflects that MPs are aware of this. They have opted not to define specific attacks, such as denial-of-service, or outlaw the tools hackers use, such as viruses, but to focus on the intent behind an action.

The government almost went down the route of trying to outlaw certain hacking tools but experts soon pointed out that this could outlaw everyday security experts who use hacking software to carry out penetration tests on systems.

On the flip side though, the vague wording of the law brings a level of ambiguity into the debate. Will this give hackers an excuse to be let off the hook, providing they can prove they were only mucking about? Some have argued that we are now in unknown territory and the real test of the law will be when someone is actually prosecuted under it.

Saying this, the law probably won't affect most of the hacking attacks that occur. If it only applies to people in the UK, some could argue that it's a waste of time as many attacks (if not most) come from other countries. At least that's the way it's supposed to look with people hopping on proxy servers around the globe.

But every other country has the problem of a limited jurisdiction on the internet to deal with too. So at least this is a start and the UK is making a statement it wants to get its own house in order.